Re: Rejecting weak passwords
| От | Andrew Dunstan |
|---|---|
| Тема | Re: Rejecting weak passwords |
| Дата | |
| Msg-id | 4AC0C030.9080803@dunslane.net обсуждение исходный текст |
| Ответ на | Re: Rejecting weak passwords ("Ing. Marcos L. Ortíz Valmaseda"<mlortiz@uci.cu>) |
| Ответы |
Re: Rejecting weak passwords
|
| Список | pgsql-hackers |
Ing. Marcos L. Ortíz Valmaseda wrote: >> >> My vote is for #3, if anything. >> >> > You have to analyze all points before to do this. I vote too for the > third option, but you have to be clear that how do you ´ll check the > weakness of the password: > 1- For example: the length should be greater that 6 char.. > 2- The password should be have a combination fo numbers, letters and > others dots > > Things like that you have to think very well, or to do a question to > the list asking which are the best options. > > I think the same about the PAM and LDAP auth > > I'm voting for #3 precisely so postgres doesn't have to think about it, and the module author will do all the work implementing whatever rules they want to enforce. cheers andrew
В списке pgsql-hackers по дате отправления: